Re: [PATCH v6 2/8] module: use relative references for __ksymtab entries

From: Ard Biesheuvel
Date: Thu Dec 28 2017 - 07:39:46 EST

Next message: Alexander Kochetkov: "Re: [PATCH 1/2] clk: rename clk_core_get_boundaries() to clk_hw_get_boundaries() and expose"
Previous message: Linus Walleij: "Re: [PATCH] MAINTAINERS: mark arch/blackfin/ and its gubbins as orphaned"
In reply to: Ingo Molnar: "Re: [PATCH v6 2/8] module: use relative references for __ksymtab entries"
Next in thread: kbuild test robot: "Re: [PATCH v6 2/8] module: use relative references for __ksymtab entries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 28 December 2017 at 12:05, Ingo Molnar <mingo@xxxxxxxxxx> wrote:
>
> * Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:
>
>> Annoyingly, we need this because there is a single instance of a
>> special section that ends up in the EFI stub code: we build lib/sort.c
>> again as a EFI libstub object, and given that sort() is exported, we
>> end up with a ksymtab section in the EFI stub. The sort() thing has
>> caused issues before [0], so perhaps I should just clone sort.c into
>> drivers/firmware/efi/libstub and get rid of that hack.
>>
>> [0] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=29f9007b3182ab3f328a31da13e6b1c9072f7a95
>
> If the root problem is early bootstrap code randomly using generic facility that
> isn't __init, then we should definitely improve tooling to at least detect these
> problems.
>
> As bootstrap code gets improved (KASLR, more complex decompression, etc. etc.) we
> keep using new bits of generic facilities...
>
> So this should definitely not be hidden by open coding that function (which has
> various other disadvantages as well), but should be turned from silent breakage
> either into non-breakage (and do so not only for sort() but for other generic
> functions as well), or should be turned into a build failure.
>

We already have safeguards in place to ensure that the arm64 EFI stub
(which is essentially the same executable as the kernel proper) only
pulls in code that has been made available to it explicitly. That is
why sort.c is recompiled for the EFI stub, as well as all other C code
that is shared between the stub and the kernel. We also have a build
time check to ensure that the resulting code does not rely on absolute
symbol references, which will be invalid in the UEFI execution
context.

So the only problem is that unneeded ksymtab/kcrctab sections, which
affected ARM for obscure reasons; typically, they just take up some
space. On x86, the kaslr code deals with a similar issue by
#define'ing _LINUX_EXPORT_H before including linux/export.h, which
also gets rid of these sections, but I was a bit reluctant to copy
that pattern. Perhaps we should enhance linux/export.h for reasons
such as these by adding a macro that nops out EXPORT_SYMBOL()
declarations?

Next message: Alexander Kochetkov: "Re: [PATCH 1/2] clk: rename clk_core_get_boundaries() to clk_hw_get_boundaries() and expose"
Previous message: Linus Walleij: "Re: [PATCH] MAINTAINERS: mark arch/blackfin/ and its gubbins as orphaned"
In reply to: Ingo Molnar: "Re: [PATCH v6 2/8] module: use relative references for __ksymtab entries"
Next in thread: kbuild test robot: "Re: [PATCH v6 2/8] module: use relative references for __ksymtab entries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]